Xref: utzoo alt.security:750 comp.protocols.tcp-ip:11544 alt.sys.sun:945
Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!cs.utexas.edu!sdd.hp.com!ucsd!nosc!humu!pegasus!richard
From: richard@pegasus.com (Richard Foulk)
Newsgroups: alt.security,comp.protocols.tcp-ip,alt.sys.sun
Subject: Re: anonymous ftp, and the dangers thereof
Message-ID: <1990Jun5.002739.16450@pegasus.com>
Date: 5 Jun 90 00:27:39 GMT
References: <6703@blake.acs.washington.edu> <1990Apr20.192233.4092@utzoo.uucp> <1990Apr21.222928.24498@Solbourne.COM>
Organization: Pegasus,  Honolulu
Lines: 18

>>Ah yes, good old security-through-obscurity.  Where have we heard that
>>before?
>
>And it doesn't work.  Never has, never will.  The only people that you
>will catch by this are the people too lazy to be inventive.  And those
>are the people least likely to crack your system anyway.

But, there are probably alot more of the "too lazy to be inventive"
types around.

"Security-thourgh-obscurity" certainly isn't great.  But I haven't seen
or heard of any evidence that it's totally useless.

Multiple layers of security would seem to be better than one "perfect"
barrier.

-- 
Richard Foulk		richard@pegasus.com